View/ Open
Fakolujo_&_Qureshi_2023.pdf (1.012Mb)
Download
Publication date
2023-08Peer-Reviewed
YesOpen Access status
openAccessAccepted for publication
2023
Metadata
Show full item recordAbstract
Software-Defined Networking (SDN), a novel and innovative networking technology, offers programmability and flexibility within networks and centralized control of those networks. The separation of data and control planes, as well as the concentration of all control provisioning options within a SDN controller, are two of the most significant ways in which SDN improves on traditional network deployments. However, because different planes in an SDN network are separated, the network contains several attack vectors that malicious users could exploit. Distributed Denial-of-Service (DDoS) attacks pose a unique threat to SDN because they can disrupt connections between the controller and data plane devices. Therefore, developing and implementing intrusion detection systems (IDS) in SDN is necessary. This paper investigates IDS in software-defined networks for effectively detecting DDoS attacks using signature-based and machine learning (ML)-based approaches. Mininet and OpenDayLight are used to simulate an SDN environment in which normal and attack traffic is generated to assess intrusion detection techniques. The Snort IDS is employed as the signature-based IDS in this study, while the ML algorithms, Random Forest (RF), J48, Naive Bayes (NB), and Support Vector Machine (SVM) are used to implement the ML-based IDS. The IDS are examined using SDN-generated traffic, with the InSDN-NB model surpassing all other ML models and Snort IDS with 98.86% prediction accuracy and a train time of 1.46s.Version
Accepted manuscriptCitation
Fakolujo O and Qureshi A (2023) Analysis of detection systems in a Software-Defined Network. In: Arai, K. (ed.) Intelligent Computing. SAI 2023. Lecture Notes in Networks and Systems. Vol 739. Springer.Link to Version of Record
https://doi.org/10.1007/978-3-031-37963-5_91Type
Book chapterae974a485f413a2113503eed53cd6c53
https://doi.org/10.1007/978-3-031-37963-5_91